Prestashop Productcomments
3 CVEs affecting Prestashop Productcomments. Latest disclosed: 2022-09-02. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-26225 | High | 8.7 | 2020-11-16 | In PrestaShop Product Comments before version 4.2.0, an attacker could inject malicious web code into the users' web browsers by creating a malicious link. The… |
CVE-2020-26248 | Medium | 6.8 | 2020-12-03 | In the PrestaShop module "productcomments" before version 4.2.1, an attacker can use a Blind SQL injection to retrieve data or stop the MySQL service. The prob… |
CVE-2022-35933 | Medium | 4.3 | 2022-09-02 | This package is a PrestaShop module that allows users to post reviews and rate products. There is a vulnerability where the attacker could steal an administrat… |